How do hackers hide their malware on Windows, to start up and be impossible to find and delete?
The results I found that a hacker can use to hide his malware: (found here)
Windows: Setting hidden attribute.
But I find these results too simple, and they could easily be discovered if the user changes settings. On Windows, to start something up when the computer starts up, it needs to either be placed in the Startup folder or started as a service.
So these can all be detected if the user has correct settings in place, and checks his services.
How does a good hacker hide a program on a computer to start up without ever being detected? Please give me examples.
And after that
I have a theory that if one makes his program always start itself just before it's killed, then it can never be deleted while on the normal Windows interface. Please tell me if I'm going bananas or if this can be achieved.
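
A read-only audit of the two autostart locations the question names (the Startup folder and auto-start services), flagging the hidden attribute and the signature status of each entry. This is an added example, not part of the original post; the function names are hypothetical and it covers only those two locations.

```powershell
# Added example: list Startup-folder items and auto-start services.
# Read-only. Run elevated so every service binary can be inspected.

function New-AutostartRecord($Source, $Name, $Path) {
    # -Force lets Get-Item return files that carry the Hidden/System attribute.
    $item = if ($Path) { Get-Item -LiteralPath $Path -Force -ErrorAction SilentlyContinue }
    [pscustomobject]@{
        Source    = $Source
        Name      = $Name
        Path      = $Path
        Hidden    = [bool]($item -and ($item.Attributes -band [IO.FileAttributes]::Hidden))
        Signature = if ($item) { (Get-AuthenticodeSignature -LiteralPath $item.FullName).Status }
                    else { 'FileNotFound' }
    }
}

function Get-StartupFolderItem {
    # Per-user and all-users Startup folders.
    $folders = [Environment]::GetFolderPath('Startup'),
               [Environment]::GetFolderPath('CommonStartup')
    foreach ($folder in $folders) {
        if (-not (Test-Path -LiteralPath $folder)) { continue }
        # Without -Force, hidden files are skipped by Get-ChildItem.
        Get-ChildItem -LiteralPath $folder -Force -File | ForEach-Object {
            New-AutostartRecord 'StartupFolder' $_.Name $_.FullName
        }
    }
}

function Get-AutoStartService {
    Get-CimInstance -ClassName Win32_Service -Filter "StartMode = 'Auto'" | ForEach-Object {
        # PathName may be quoted and may carry arguments; keep only the executable.
        $exe = if ($_.PathName -match '^\s*"([^"]+)"') { $Matches[1] }
               elseif ($_.PathName -match '^\s*(.+?\.exe)\b') { $Matches[1] }
               else { $null }
        New-AutostartRecord 'Service' $_.Name $exe
    }
}

# Hidden entries first, then grouped by source.
@(Get-StartupFolderItem) + @(Get-AutoStartService) |
    Sort-Object @{ Expression = 'Hidden'; Descending = $true }, Source, Name |
    Format-Table -AutoSize
```

A hidden `desktop.ini` in the Startup folders is normal; many services share `svchost.exe`, so the same path appears on several rows.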